Total
4661 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-31618 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through 1.0.9. | |||||
| CVE-2025-31376 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Mayeenul Islam NanoSupport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NanoSupport: from n/a through 0.6.0. | |||||
| CVE-2025-31681 | 2025-04-01 | N/A | N/A | ||
| Missing Authorization vulnerability in Drupal Authenticator Login allows Forceful Browsing.This issue affects Authenticator Login: from 0.0.0 before 2.0.6. | |||||
| CVE-2025-31686 | 2025-04-01 | N/A | N/A | ||
| Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10. | |||||
| CVE-2025-31685 | 2025-04-01 | N/A | N/A | ||
| Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10. | |||||
| CVE-2025-31691 | 2025-04-01 | N/A | N/A | ||
| Missing Authorization vulnerability in Drupal OAuth2 Server allows Forceful Browsing.This issue affects OAuth2 Server: from 0.0.0 before 2.1.0. | |||||
| CVE-2025-31678 | 2025-04-01 | N/A | N/A | ||
| Missing Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Forceful Browsing.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.3. | |||||
| CVE-2025-31782 | 2025-04-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in pupunzi mb.YTPlayer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects mb.YTPlayer: from n/a through 3.3.8. | |||||
| CVE-2025-31752 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in termel Bulk Fields Editor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bulk Fields Editor: from n/a through 1.8.0. | |||||
| CVE-2025-31773 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in cedcommerce Ship Per Product allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Ship Per Product: from n/a through 2.1.0. | |||||
| CVE-2025-31765 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in themeqx GDPR Cookie Notice allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GDPR Cookie Notice: from n/a through 1.2.0. | |||||
| CVE-2025-31732 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in gb-plugins GB Gallery Slideshow allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GB Gallery Slideshow: from n/a through 1.3. | |||||
| CVE-2025-30926 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in KingAddons.com King Addons for Elementor. This issue affects King Addons for Elementor: from n/a through 24.12.58. | |||||
| CVE-2025-3037 | 2025-04-01 | 5.0 MEDIUM | 4.3 MEDIUM | ||
| A vulnerability has been found in yzk2356911358 StudentServlet-JSP cc0cdce25fbe43b6c58b60a77a2c85f52d2102f5/d4d7a0643f1dae908a4831206f2714b21820f991 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. | |||||
| CVE-2025-31781 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in ahmadshyk Gift Cards for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Gift Cards for WooCommerce: from n/a through 1.5.8. | |||||
| CVE-2025-31777 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in BeastThemes Clockinator Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clockinator Lite: from n/a through 1.0.7. | |||||
| CVE-2025-30797 | 2025-04-01 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool – Fix peralinks, accents, auto create menus and more allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Greek Multi Tool – Fix peralinks, accents, auto create menus and more: from n/a through 2.3.1. | |||||
| CVE-2025-30880 | 2025-04-01 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in JoomSky JS Help Desk allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Help Desk: from n/a through 2.9.2. | |||||
| CVE-2025-31786 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Travis Simple Icons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Icons: from n/a through 2.8.4. | |||||
| CVE-2025-31408 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Zoho Flow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zoho Flow: from n/a through 2.13.3. | |||||